package com.ccnu.JobHub.interceptor;

import com.alibaba.fastjson.JSONObject;
import com.ccnu.JobHub.common.util.Token;
import com.ccnu.JobHub.model.common.Result;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import lombok.extern.slf4j.Slf4j;
import org.springframework.lang.NonNull;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

@Component
@Slf4j
public class LoginCheckInterceptor implements HandlerInterceptor {
    /**
     *
     * @param request 请求
     * @param response 回复
     * @param handler 表示当前请求处理器的对象
     * @return true代表放行，false代表不放行，目标资源方法运行之前，也就是controller之前的
     * @throws Exception 异常
     */
    @Override
    public boolean preHandle(@NonNull HttpServletRequest request, @NonNull HttpServletResponse response, @NonNull Object handler) throws Exception {
        log.info("拦截请求成功");
        String jwt = request.getHeader("token");
        String url = String.valueOf(request.getRequestURI());

        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE");
        response.setHeader("Access-Control-Allow-Headers", "*");
//        return true;
        if (!StringUtils.hasLength(jwt)){
            Result error = Result.error("NOT_LOGIN");
            String notLogin = JSONObject.toJSONString(error);
            response.getWriter().write(notLogin);
            log.info("--------------------没有token--------------------");
            return false;
        }

        if(Token.inspectOldToken(jwt).equals("false")){
            Result error = Result.error("NOT_LOGIN");
            String notLogin = JSONObject.toJSONString(error);
            response.getWriter().write(notLogin);
            log.info("--------------------token不合法--------------------");
            return false;
        }
        else if(Token.inspectOldToken(jwt).equals("temp") && !url.equals("/api/auth/verifyCAPTCHA")){
            log.info("--------------------临时token不能通过除验证验证码之外的请求--------------------");
            Result error = Result.error("临时token不具有访问其他接口权限");
            String authority = JSONObject.toJSONString(error);
            response.getWriter().write(authority);
            return false;
        }
        log.info("--------------------token合法通过--------------------");
        return true;
    }

    /**
     *
     * @param request 请求
     * @param response 回复
     * @param handler 处理操作
     * @param modelAndView 模型和视图
     * @throws Exception 报错
     * 目标资源方法运行之后
     */
    @Override
    public void postHandle(@NonNull HttpServletRequest request, @NonNull HttpServletResponse response, @NonNull Object handler, ModelAndView modelAndView) throws Exception {
        HandlerInterceptor.super.postHandle(request, response, handler, modelAndView);
    }

    @Override // 视图渲染后运行
    public void afterCompletion(@NonNull HttpServletRequest request, @NonNull HttpServletResponse response, @NonNull Object handler, Exception ex) throws Exception {
        HandlerInterceptor.super.afterCompletion(request, response, handler, ex);
    }
}
